0 Replies Latest reply on Dec 8, 2009 1:50 PM by Sean Whyte

    Bug handling user names with Kerberos

    Sean Whyte Newbie

      First, I know this most likely won't ever be fixed because it has been end of lifed, but the Gatein project is still in Beta, as thus not a viable alternative.

      Anyway, I have been having problems where my Single Sign-On users can't access their dashboard after login. I have tracked the problem down to Kerberos users having a realm (ssoUser@REALM). If I just use ssoUser, then everything works fine.

      In reviewing the code, I find that after logging in as ssoUser@REALM, that the code in PageCustomizerInterceptor:197

      User user = controllerCtx.getUser();

      only returns ssoUser, not ssoUser@REALM.

      This is the username that is used for checking my security level in the PortalObjectPermission:295-299

      Principal user = (Principal)i.next();
      String userName = user.getName();

      return userName.equals(i2.next());

      This evaluates to ssoUser@REALM.equals(ssoUser), since the Principal still has the correct user@REALM, but i2.next() is taken from the 'path:/username', which is dashboard:/ssoUser.